Digital Identity Interoperability and eInnovation

What technological, economic, legal and socio-political conditions must be in place for an identity system to establish itself in the market? This question has occupied insiders and market observers for years. Most recently, Andreas Windisch presented his success factors for e-identity systems.

In 2007, John Palfrey and Urs Gasser also addressed this question in Digital Identity Interoperability and eInnovation. In my view, their line of thought remains highly relevant and current. Hence a few concise excerpts from it.

On innovation with and through digital identities:

Innovation in Digital ID likewise requires definition. For the purposes of this case, we define innovation as the process of developing and introducing new elements into products and services, noting that this occurs both within the digital identity “layer” and atop it. In a closed, proprietary sense, innovation can manifest as product updates and feature releases. In a more open sense, it can also include new developments by outsiders, including users, third party programmers, and even competitors of the original producer or service provider. Innovation can occur within the Digital ID space, in technology and in business models. As Digital ID has the potential to be an enabling technology, there is also the possibility of innovation happening on ‘layers’ above this space – in Web services, at the content layer, and in areas not yet conceived.

User-centricity and interoperability:

A user-centric model must have at least a base amount of interoperability in order for an individual to use their digital ID for multiple services. The data format (such as XML, SAML, or OpenID protocols) and the authentication systems at the endpoints would, at the very least, have to support the proffered credentials. A greater level of interoperability would entail developing a consistent interface, such that the experience is seamless between sites. One could imagine a system whereby similarly situated retailers would request similar information in an identical way from their customers. In between common understanding of authentication credentials and completely identical ID systems, there are many ways user-centric Digital ID systems can interoperate with one another.

Interoperability versus lock-in effects and data silos:

Interoperability among silos can occur, but integrating siloed data to create new services or facilitate existing ones is costly, cumbersome, and raises serious privacy and security concerns. This is so because, while federations are organized to interoperate securely, centralized repositories are usually implemented with security controls intentionally designed or incidentally constructed to create lock-in and make interoperability difficult. Service providers such as Facebook and LinkedIn have provided some degrees of interoperability with other data holders by making it possible for their members to enter log-in information for their email accounts and search their email address book for contacts with whom they are not yet connected on the service.

The complexity of the applications and the users' preference for convenience play into the hands of the data oligopolists:

A major drawback of the user-centric model is its complexity. There are significant technical challenges of creating a system that sufficiently satisfies all parties, such that they actually use it. With this come social challenges in educating business owners and users. Most web businesses are accustomed to asking users to provide identifying information – often more than strictly necessary – and users are used to providing it, and setting up a username and password for each site. This situation is familiar, if cumbersome. No understanding of technology or relationships involving third parties is necessary. In contrast, a user-centric Digital ID model requires both user and relying party to develop relationships with one or more trusted Identity Providers and possibly install and learn new software. Less tech-savvy individuals and relying parties may initially feel that the status quo is “good enough.” This attitude could be a barrier to widespread adoption. Furthermore, because businesses that currently collect identifying data frequently profit by using it for marketing and/or selling it to direct marketers, they may be reluctant to give up control over their customers’ data.

Whoever is first to hold the customers' log-in data has a significant strategic advantage, one they are reluctant to give up or to dilute through interoperability:

Among businesses engaged in e-commerce in particular, incentives towards interoperability are weaker than among their ID business counterparts. This is especially true for companies engaged in the sale of products that can be termed e-commerce commodities – airline tickets, books, electronics, and the like. In this space, all that may be keeping a buyer going to one site over another may be the reality that the first site already has their log-in information, credit card numbers and preferences. Even though this lock-in may be fleeting, any part of the transaction process that can keep a customer creates incentives against interoperability. For businesses where information on previous transactions and habits can significantly enhance the customer experience, the ability to access an account’s history can establish more lasting lock-in.

Only when users can move their personal data and identities from one provider to another with relative ease, or use the services of several providers without creating new accounts, will identity systems that safeguard both data protection and privacy prevail:

Interoperability of Digital ID would bring both benefits and drawbacks for consumers. Many benefits and drawbacks will not become fully clear until the technology becomes more mature and innovative applications start to emerge, but some plausible predictions can be made. Among the projected benefits of interoperability in this context are ease-of-use, privacy, anonymity and low price. An interoperable Digital ID system could also grow the Internet economy as a whole by enabling new areas of Internet-based transactions. Most of these characteristics are made possible by interoperable single-sign-on systems. Demand for low price is probably best satisfied by competition among ID providers, and interoperability allows them to move between competing providers without prohibitive switching costs.


Since 2007, a good deal has changed technologically, but the balance of power has hardly shifted. On the contrary: Facebook and Google have become even more powerful. Meanwhile, however, the number of initiatives aiming to break, or at least limit, the market power of Google, Facebook and other internet corporations is growing. These include Verimi, netID and YES, as well as the various projects from the blockchain technology sphere such as Sovrin and, in Germany, Blockchain-Helix and Jolocom.

The decisive success criterion is interoperability. That requires standards. Whether these can or should be created by private companies, or whether that is rather a task for public institutions, needs to be discussed. One thing is certain: to hold their own against Google, Facebook & Co., the camp mentality in Germany and Europe must be overcome.

